path: root/src/libmbedcrypto.c
Age | Commit message | Author | Files | Lines
2019-03-07 | Use a common KDF function | Simo Sorce | 1 | -63/+6
Cleanup the KDF function to use only one function per crypto backend. Improve the KDF function to properly handle requested length and to avoid unnecessarily reallocating buffers. In OpenSSL use the new EVP_KDF API if available.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-02-22 | Remove SHA384 HMAC | Dirkjan Bussink | 1 | -3/+0
This is not supported by OpenSSH and not recommended to be implemented either.
Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-02-21 | crypto: Use uint8_t instead of non-standard u_char | Tilo Eckert | 1 | -2/+2
Signed-off-by: Tilo Eckert <tilo.eckert@flam.de>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-12-19 | crypto: Disable blowfish support by default | Andreas Schneider | 1 | -0/+2
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-11-30 | crypto: Use size_t for len argument in encrypt and decrypt fn | Andreas Schneider | 1 | -4/+8
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-23 | crypto: Avoid unused parameter warnings | Jakub Jelen | 1 | -0/+1
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-09 | libmbedtls: Support OpenSSH-compatible AES-GCM ciphers using mbedTLS | Jakub Jelen | 1 | -0/+159
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-09 | libmbedtls: Simplify the cipher setup | Jakub Jelen | 1 | -82/+56
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 | libmbedcrypto: Fix creating evp hash | Andreas Schneider | 1 | -1/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-08-20 | mbedtls: Use getter for ssh_mbedtls_ctr_drbg | Andreas Schneider | 1 | -0/+8
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 | crypto: Split init and finalize functions | Aris Adamantiadis | 1 | -2/+17
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05 | bignum: Harmonize ssh_get_random() | Aris Adamantiadis | 1 | -0/+5
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-30 | chachapoly: Use a function instead of an extern variable | Andreas Schneider | 1 | -3/+1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-29 | Rest in Peace SSHv1 | Andreas Schneider | 1 | -144/+0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-06-29 | kex: Enable chacha20-poly1304 KEX with mbedtls | Andreas Schneider | 1 | -0/+18
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-28 | add mbedtls crypto support | Juraj Vijtiuk | 1 | -0/+1122
Summary:
This patch adds support for mbedTLS as a crypto backend for libssh. mbedTLS is an SSL/TLS library that has been designed to mainly be used in embedded systems. It is loosely coupled and has a low memory footprint. mbedTLS also provides a cryptography library (libmbedcrypto) that can be used without the TLS modules.
The patch is unfortunately quite big, since several new files had to be added.
DSA is disabled at compile time, since mbedTLS doesn't support DSA.
Patch review and feedback would be appreciated, and if any issues or suggestions appear, I'm willing to work on them.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Test Plan:
* The patch has been tested with a Debug and MinSizeRel build, with libssh unit tests, client tests and the pkd tests.
* All the tests have been run with valgrind's memcheck, drd and helgrind tools.
* The examples/samplessh client works when built with the patch.
Reviewers: asn, aris
Subscribers: simonsj
Differential Revision: https://bugs.libssh.org/D1